<?php
if (($_POST['username'] != null) && ($_POST['password'] != null)) {

    $username = $_POST['username'];

	$password = md5(trim($_POST['password']));


	$conn = mysqli_connect('localhost','book','zxc235711','book');

	if (mysqli_errno($conn)) {
		
		mysqli_error($conn);

		exit;
	}

	mysqli_set_charset($conn, 'utf8');

	$sql = "select * from user where username = '$username'";


	$res = mysqli_query($conn, $sql);

	$row = mysqli_fetch_assoc($res);
     

	if ($row['password'] == $password) {
		
		setcookie('usernmae', $username, time()+60*60*24);

		setcookie('password', $password, time()+60*60*24);

		header('Location: welcome.php'."?username=$username");
	}else{
		echo "密码不正确!";
	}
}
//再次访问的时候通过cookie来识别用户
if (($_COOKIE['username'] != null) && ($_COOKIE['password'] != null)) {
	$username = $_COOKIE['username'];
	$password = $_COOKIE['password'];

	//从db获取用户信息
	$conn = mysqli_connect('localhost', 'book', 'zxc235711', 'book');
	$row = mysqli_query($conn, "select * from user where username = $username");
	if ($row['password'] == $password) {
		header('Location: welcome.php'."?username=$username");
	}
}


?>

<!DOCTYPE html>
<html>
<head>
	<meta charset="utf-8">
	<title>用户登录</title>
</head>
<body>
<form action="" method="POST">
	<div>
      用户名：<input type="text" name="username"><br />
      密  码：<input type="password" name="password"><br />
      <input type="submit" value="登 录">
	</div>

</form>
</body>
</html>